TNW Sites

The F.B.I. confiscated an Instapaper server in an unrelated raid

You may remember the Pinboard outage from a couple of days ago. That outage turned out to be the result of an FBI raid on a data center run by DigitalOne. In the raid, the F.B.I. took a bunch of servers in what may have turned out to be a relatively indiscriminate snatch and grab.

The New York Times also reported the raid, citing an unnamed source as stating that the raid was part of an investigation of the Lulz Security group.

A Department of Justice announcement that seems to be related to the raid details its efforts to thwart a “scareware” operation that was distributing malware disguised as fake antivirus software. At this time there is no confirmation that the two are linked, but the timing makes it seem likely.

DigitalOne’s CEO, Sergej Ostroumow said that the F.B.I took additional computers that were unrelated to the specific client that they were after. One of those seems to be what was an Instapaper server.

Arment says that he is assuming that it was taken because the server became unreachable at the same time as the raid and has not come back online. The server was used as a ‘replication slave’ that was used to speed up the site, but no data was lost as a result of the server being taken.

Although the hardware was being leased and was not owned by Arment, there is still the matter of the F.B.I. being in possession of user data on the server.

Possibly most importantly, though, the FBI is now presumably in possession of a complete copy of the Instapaper database as it stood on Tuesday morning, including the complete list of users and any non-deleted bookmarks. (“Archived” bookmarks are not deleted. “Deleted” bookmarks are hard-deleted out of the database immediately.)

Instapaper stores only salted SHA-1 hashes of passwords, so those are relatively safe. But email addresses are stored in the clear, as is the saved content of each bookmark saved by the bookmarklet.

In addition, the server also contained a complete copy of the code for the Instapaper website. DigitalOne has not contacted Arment about the raid or the loss of the server. He states that this lack of communication may have been the reason that the F.B.I. was so indiscriminate about which servers that it took in the raid. Arment says that he will not be renewing his lease with DigitalOne.

This post was updated to clarify the nature of the Department of Justice announcement.